SMTP Virtual Server Current Sessions showing some strange domain connections

I am seeing lots of sessions in our SMTP virtual server that I dont think should be there.  They are from some very odd domains including .hu, .it, .lb, etc.   Does this mean I have been comprimised?  I will make sure open-relay is not on, is there anything else I need to do?
LVL 1
globalwmAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
adolphus850Connect With a Mentor Commented:
So long as your server is not set to open relay you should not have anything to worry about.

spammers may be trying to connect to your server, but if your not relaying it should all be ok.
0
 
Greg JacknowCommented:
If you haev an internet facing server you are going to see a lot of mail in your outgoing queue that are bounces from all sorts of span and other stuff setn to old/bad addresses.  Obviously the spam return addresses are mostly junk so they sit there in your outgoing queue and are retried.  This could be what you are seeing.

Greg J
0
 
globalwmAuthor Commented:
I am specifically talking about the Current Sessions on the smtp virtual server.
0
 
manelson05Commented:
I am also having the same problem. Under the virtual servers/sesions I have two users one named Hp2345345491 with an ip located in italy and the other authenticated user name localhost with ip in turkey.
Relay is off, if I disable these accounts in the virtual server all smtp mail fails, if I delete the internal address of the mail server 192.168.1.251(192.168.1.248) things stop working I am in need of any help to resolve.
0
 
trouble9306Commented:
I am having a similar problem, lots and lots of spam and current sessions open from all over the world. I had a guy call me from states away to say that exchange was sending spam. I terminate the sessions but I just logged in to my server and have 4 more current session from two different places. I have had it checked for open relay but was told there was no open relays. We have also been getting some mail returned undeliverable and I am thinking we may be getting blacklisted. also if I am being blacklisted how can I find out an fix it.
0
All Courses

From novice to tech pro — start learning today.